On Wed, Aug 26, 1998 at 10:35:12AM -0400, Ossama Othman wrote:
> > > > Hence the One-Time Password suggestion. Either way, better to have/use
> > > > SSH than use telnet/ftp/r{login,sh,exec}.
> > >
> > > I have both SSL-Telnet and SSH installed. I don't type root passwords over
> > > clear connec
> > > Hence the One-Time Password suggestion. Either way, better to have/use
> > > SSH than use telnet/ftp/r{login,sh,exec}.
> >
> > I have both SSL-Telnet and SSH installed. I don't type root passwords over
> > clear connections unless it is an emergency.
>
> Hmm - why is it that emergencies al
On Tue, 25 Aug 1998, George Bonser wrote:
> On Tue, 25 Aug 1998, Ossama Othman wrote:
>
> > Hence the One-Time Password suggestion. Either way, better to have/use
> > SSH than use telnet/ftp/r{login,sh,exec}.
> >
> > -Ossama
>
> I have both SSL-Telnet and SSH installed. I don't type root passw
> > can't use Secure Shell, you might want to try One-Time Password packages,
> > such as OPIE. I believe that even WU-FTP is starting to support one time
> > passwords, too.
>
> Uhm, secure shell is not the answer to all problems. It WILL revert to an
> unsecure protocol if the other end can not
Hi,
> Interesting ... after reading the above messages, I decided to check out
> my /var/log files and found a whole suite of "in.telnetd[XXX]: connect"
> statements.
Bummer! It appears that it is time for you disable all of those incoming
services we mentioned. Have you considered using Secure
On Mon 08 Aug 1998, Nathan E Norman ([EMAIL PROTECTED]) wrote:
> Ok; granted - there are not free versions of ssh for Win95/NT (I thought
> there was one, but I don't have a URL so I'll concede the point).
There is a sorta free implementation of SSH for Win95/NT.
Source code is available, but mo
On Sun, 23 Aug 1998, Ossama Othman wrote:
> Hi,
>
> > > telnet
> > > ftp
> > > login
> > > exec
> > > finger
> > > shell
> > > ...you get the idea...
> >
> > And dont forget the r services ... rlogin, rsh, rexec, etc.
>
> Yep, the "r" services are covered by login, exec and shell.
On Mon, Aug 24, 1998 at 09:02:14AM +0100, M.C. Vernon wrote:
> On Sun, 23 Aug 1998, George Bonser wrote:
>
> > On Sun, 23 Aug 1998, Nathan E Norman wrote:
> >
> > > : And dont forget the r services ... rlogin, rsh, rexec, etc.
> > >
> > > With the availability of ssh you're insane to leave thes
On Mon, 24 Aug 1998, M.C. Vernon wrote:
: On Sun, 23 Aug 1998, George Bonser wrote:
:
: > On Sun, 23 Aug 1998, Nathan E Norman wrote:
: >
: > > : And dont forget the r services ... rlogin, rsh, rexec, etc.
: > >
: > > With the availability of ssh you're insane to leave these enabled at
Nebu John Mathai <[EMAIL PROTECTED]> writes:
> Also, is there any way to have a message pop up whenever someone is
> trying to log in?
Try xlogmaster from slink.
You can regexp for an expression and make it pop up.
Jens
--
[EMAIL PROTECTED] [EMAIL PROTECTED]
KeyID: 2048/E451C639 1998/01/2
On Sun, 23 Aug 1998, George Bonser wrote:
> On Sun, 23 Aug 1998, Nathan E Norman wrote:
>
> > : And dont forget the r services ... rlogin, rsh, rexec, etc.
> >
> > With the availability of ssh you're insane to leave these enabled at all
> > (especially rexec)
>
> Unless you are using them, you
Couple of queries, if I may.
How would I disable ssh on pppX except for ppp3?
discard, daytime and time run as root - do I need them?
Lindsay
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Lindsay Allen <[EMAIL PROTECTED]> Perth, Western Australia
voice +61 8 9316 24
>Unless you are using them, you are insane to have them enabled at all.
I would tend to agree. I managed to struggle and disable all of that crud
and only enable SSH, on a different port than 22. This adds to the
difficulties for hackers. Hey, every little bit helps. Plus, I disabled
SSH on pp
On Sun, 23 Aug 1998, George Bonser wrote:
: On Sun, 23 Aug 1998, Ossama Othman wrote:
:
: >telnet
: >ftp
: >login
: >exec
: >finger
: >shell
: >...you get the idea...
:
: And dont forget the r services ... rlogin, rsh, rexec, etc.
With the availability of
Hi,
> > telnet
> > ftp
> > login
> > exec
> > finger
> > shell
> > ...you get the idea...
>
> And dont forget the r services ... rlogin, rsh, rexec, etc.
Yep, the "r" services are covered by login, exec and shell. Here is what
inetd.conf has to say:
shell s
You might want to consider disabling all incoming connections if you are
never going to login to your machine via remote.
As George suggested, you can edit your host.{allow,deny} files or edit
/etc/inetd.conf and comment out things like:
telnet
ftp
login
exec
You might also want to check out ipfwadm...the IRC remark was very timely,
some moron from mcs.net was portscanning my machine last night :)
---
When women are depressed they either eat or go shopping. Men
invade another country.
--- Elayne Boosler
D'jinnie/Jinn, encountered on IRC a
Hi George Bonser; unless Mutt is confused, you wrote:
> On Sat, 22 Aug 1998, Nebu John Mathai wrote:
>
> > Interesting ... after reading the above messages, I decided to check out
> > my /var/log files and found a whole suite of "in.telnetd[XXX]: connect"
> > statements.
> >
> > Should I be worri
Interesting ... after reading the above messages, I decided to check out
my /var/log files and found a whole suite of "in.telnetd[XXX]: connect"
statements.
Should I be worried ... or does Debian come secure out of the box?
Also, is there any way to have a message pop up whenever someone is
tryin
Hi George Bonser; unless Mutt is confused, you wrote:
> On Sat, 22 Aug 1998, Damir J. Naden wrote:
>
> > I have tried pinging the above host right after that and it returned the
> > I.P.
> > address 153.36.2.35 . does anyone know how can I get the actual site name
> > from
> > this? As the origi
Hi Serge Delorme; unless Mutt is confused, you wrote:
> I only have a simple dial-out PPP connection from my ISP.
> I'm still on a Bo system with shadow password enable.
> Two days ago I see this message from my xconsole:
>
> Aug 20 10:19:56 ordino in.telnetd[349]: connect from ppp-014.m4-1.mtl.ic
I only have a simple dial-out PPP connection from my ISP.
I'm still on a Bo system with shadow password enable.
Two days ago I see this message from my xconsole:
Aug 20 10:19:56 ordino in.telnetd[349]: connect from ppp-014.m4-1.mtl.ican.net
Aug 20 10:20:01 ordino telnetd[349]: ttloop: peer died:
22 matches
Mail list logo
